CVE-2025-3200

CRITICAL

Com-Server - Info Disclosure

Title source: llm

Description

An unauthenticated remote attacker could exploit the used, insecure TLS 1.0 and TLS 1.1 protocols to intercept and manipulate encrypted communications between the Com-Server and connected systems.

References (1)

[Various Sources] https://certvde.com/en/advisories/VDE-2025-031/

Scores

CVSS v3 9.1

EPSS 0.0009

EPSS Percentile 25.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-327

Status published

Products (5)

Wiesemann & Theis/Com-Server 20mA 0.0.0 - 1.60

Wiesemann & Theis/Com-Server OEM 0.0.0 - 1.60

Wiesemann & Theis/Com-Server PoE 3x Isolated 0.0.0 - 1.60

Wiesemann & Theis/Com-Server UL 0.0.0 - 1.60

Wiesemann & Theis/Com-Server++ 0.0.0 - 1.60

Published Apr 28, 2025

Tracked Since Feb 18, 2026